← Back to home

Privacy Policy

Effective date: July 4, 2026

FIREfly is a personal-finance app for iPhone that helps you track your net worth, budget, and investments. This policy explains, in plain English, what data the app handles, where that data lives, and who can — and cannot — see it.

The short version: your financial data stays on your device and in your own iCloud account. The developer does not operate a server that stores your balances or transactions, and does not collect, receive, or sell your financial data. The relay server that connects your bank holds only an encrypted connection token — the relay holds the keys to the data, not the data.

Who is responsible for this app

FIREfly is built and maintained by an individual developer, not a company. If you have questions about this policy or your data, see Contact below.

Where your data lives

All of the financial information you enter or import — accounts, balances, transactions, budgets, holdings, and net-worth history — is stored on your device, using Apple's on-device database technology (SwiftData).

If you have iCloud enabled, this data also syncs through your own iCloud account (Apple's CloudKit private database) so it can move between your devices. This is your personal, private iCloud storage. The developer cannot access it, and Apple governs it under Apple's Privacy Policy.

There is no FIREfly server that holds your financial data. The developer never receives your balances or transactions.

What the developer collects

Nothing about your finances by default. The app has no advertising or data-broker code, does not use Apple's advertising identifier (IDFA), and will never show the App Tracking Transparency prompt, because it does not track you across other apps or websites.

The developer does collect two narrow things, described in detail below:

Connecting a bank (optional, via Plaid)

FIREfly can optionally connect to your bank or brokerage so balances and transactions update automatically. This feature is powered by Plaid, a third-party financial-data provider.

You can disconnect a linked bank at any time from within the app.

Signing in for bank sync (Sign in with Apple)

To use the bank-connection feature, the app authenticates you to the relay using Sign in with Apple. This is used only to secure your bank-sync connection.

Analytics (opt-in, anonymized)

Product analytics help the developer understand which parts of the app are useful, so they can be prioritized. Analytics are:

Separately, the relay server keeps minimal operational logs (for example, which route was called and whether it succeeded) so the developer can keep the service running. These logs never contain token values, account data, or financial content, and reference you only by a one-way hash of your account identifier — never your identity.

Market quotes

To show current prices for your investments, the app requests quotes from a market-data provider using only ticker symbols (for example, AAPL). No personal or financial information about you is sent with a quote request.

Data you share, and data that is sold

FIREfly does not sell your data and does not share it with third parties for their own purposes. The only third party that receives data is Plaid, and only when you choose to connect a bank, solely to make that connection work.

Retention and deletion

Because your data lives on your device and in your own iCloud, you control it. You can also delete your account and all associated data at any time from within the app. Doing so:

You can also manage or delete the iCloud copy directly in the Settings app under your name → iCloud → Manage Account Storage, or disconnect a bank in-app without deleting everything else. The developer holds no separate server-side copy of your financial data to delete — account deletion in-app is what removes the relay-side tokens described above.

Security

No method of storage or transmission is ever 100% secure, but the app is designed to minimize what leaves your device in the first place.

Children's privacy

FIREfly is not directed to children and is not intended for use by anyone under 13 (or the minimum age of digital consent in your region). The app does not knowingly collect information from children.

Trying the app without connecting anything

FIREfly includes a demo mode with fictional sample profiles that lives entirely in memory. You can explore every feature this way without connecting a bank or entering any real financial data.

Beta program

During the beta period, this app is offered to a small, invited group of testers. See the Beta Terms of Service for the terms that apply while you're testing.

Changes to this policy

If this policy changes, the updated version will be posted at this URL with a new "Effective date."

Contact

Questions about this policy or your privacy? Contact the developer at support@example.com. (TODO: placeholder support address — see issue #35 for the real one.)